From patchwork Fri Oct 13 09:00:16 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: George Dunlap X-Patchwork-Id: 10003797 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id A59A460216 for ; Fri, 13 Oct 2017 09:02:33 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9AFD9283FF for ; Fri, 13 Oct 2017 09:02:33 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 8FBE129002; Fri, 13 Oct 2017 09:02:33 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 17B3F283FF for ; Fri, 13 Oct 2017 09:02:33 +0000 (UTC) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1e2vpU-0001RX-TP; Fri, 13 Oct 2017 09:00:28 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1e2vpT-0001R4-Bq for xen-devel@lists.xenproject.org; Fri, 13 Oct 2017 09:00:27 +0000 Received: from [85.158.139.211] by server-1.bemta-5.messagelabs.com id A1/C0-15990-9A080E95; Fri, 13 Oct 2017 09:00:25 +0000 X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrOLMWRWlGSWpSXmKPExsXitHSDve7Shge RBs+mmFp83zKZyYHR4/CHKywBjFGsmXlJ+RUJrBlX7tkVvOGtWLjiFFsD4zquLkZODgkBf4nd HxuZQWw2AT2Jece/snQxcnCICKhI3N5rABJmFnjKKLFyrxiILSwQIXHvzwuwchYBVYmW5smMI DavgI3EnRNrWCBGyku8X3AfLC4EVLP4wVF2iBpBiZMzn7BAzJSQOPjiBfMERu5ZSFKzkKQWMD KtYtQoTi0qSy3SNbLUSyrKTM8oyU3MzNE1NDDVy00tLk5MT81JTCrWS87P3cQIDIR6BgbGHYy Xt/gdYpTkYFIS5VWLfBApxJeUn1KZkVicEV9UmpNafIhRhoNDSYK3rB4oJ1iUmp5akZaZAwxJ mLQEB4+SCK85SJq3uCAxtzgzHSJ1ilGXo+Pm3T9MQix5+XmpUuK8tiBFAiBFGaV5cCNg8XGJU VZKmJeRgYFBiKcgtSg3swRV/hWjOAejkjBvG8gUnsy8ErhNr4COYAI64l0E2BEliQgpqQbG+S HFq/pVVz7ruiniXyA+sz7ryoFjx+OzOmQNnf2tf9bk+U3g7XRb9nwK29rLXjMV9GUYjzQfmb6 bIb745NwVrj9+dk8zjOc8dGfOj53P738yXy15U9bY/Yv/8ScVmwPr5wZ0lEx4K7S+ImKjOvvt gqM3TfduTbNzDTjR57hZe/PZvO0f+ebMV2Ipzkg01GIuKk4EABLUFzGKAgAA X-Env-Sender: prvs=45232a33e=George.Dunlap@citrix.com X-Msg-Ref: server-9.tower-206.messagelabs.com!1507885220!106909035!1 X-Originating-IP: [66.165.176.63] X-SpamReason: No, hits=0.0 required=7.0 tests=sa_preprocessor: VHJ1c3RlZCBJUDogNjYuMTY1LjE3Ni42MyA9PiAzMDYwNDg=\n, received_headers: No Received headers X-StarScan-Received: X-StarScan-Version: 9.4.45; banners=-,-,- X-VirusChecked: Checked Received: (qmail 30781 invoked from network); 13 Oct 2017 09:00:21 -0000 Received: from smtp02.citrix.com (HELO SMTP02.CITRIX.COM) (66.165.176.63) by server-9.tower-206.messagelabs.com with RC4-SHA encrypted SMTP; 13 Oct 2017 09:00:21 -0000 X-IronPort-AV: E=Sophos;i="5.43,370,1503360000"; d="scan'208";a="453829123" From: George Dunlap To: Date: Fri, 13 Oct 2017 10:00:16 +0100 Message-ID: <20171013090016.9042-1-george.dunlap@citrix.com> X-Mailer: git-send-email 2.14.2 MIME-Version: 1.0 Cc: Wei Liu , Andrew Cooper , George Dunlap , Julien Grall , Jan Beulich , Ian Jackson Subject: [Xen-devel] [PATCH for-4.10] fuzz/x86_emulate: Fix afl-harness batch mode file pointer leak X-BeenThere: xen-devel@lists.xen.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xen.org Sender: "Xen-devel" X-Virus-Scanned: ClamAV using ClamSMTP Changeset XXXX introduced "batch mode" to afl-harness, which allowed the handling of several inputs in sequence. Unfortunately, it introduced a file pointer leak when the file was larger than the maximum size. Restructure the code to always close fp if we opened it. Signed-off-by: George Dunlap Reviewed-by: Jan Beulich --- Release exception justification: - This is a bug fix. The problem is relatively minor, but the fix is relatively minor too. CC: Andrew Cooper CC: Jan Beulich CC: Ian Jackson CC: Wei Liu CC: Julien Grall --- tools/fuzz/x86_instruction_emulator/afl-harness.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/tools/fuzz/x86_instruction_emulator/afl-harness.c b/tools/fuzz/x86_instruction_emulator/afl-harness.c index d514468dd2..a2bae46d98 100644 --- a/tools/fuzz/x86_instruction_emulator/afl-harness.c +++ b/tools/fuzz/x86_instruction_emulator/afl-harness.c @@ -99,13 +99,17 @@ int main(int argc, char **argv) exit(-1); } - if ( !feof(fp) ) + /* Only run the test if the input file was smaller than INPUT_SIZE */ + if ( feof(fp) ) + { + LLVMFuzzerTestOneInput(input, size); + } + else { printf("Input too large\n"); /* Don't exit if we're doing batch processing */ if ( max == 1 ) exit(-1); - continue; } if ( fp != stdin ) @@ -113,8 +117,6 @@ int main(int argc, char **argv) fclose(fp); fp = NULL; } - - LLVMFuzzerTestOneInput(input, size); } return 0;